package com.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.catalina.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Autowired
    UserRealm userRealm;
    @Autowired
    DefaultWebSecurityManager defaultWebSecurityManager;
   // ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(){
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        //关联DefaultWebSecurityManager 即设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);

        //shiro 的拦截操作！
        /*  anon:无需认证就可以访问
            authc:必须认证了才能访问
            user:必须拥有记住我功能才能用
            perms:拥有对某个资源的权限才能访间;
            role:拥有某个角色权限才能访问
        */
        Map<String, String> filterMap = new LinkedHashMap<>();
        //设置拦截的url
        /*filterMap.put("/user/add","authc");
        filterMap.put("/user/update","authc");*/

        //拦截，只有拥有某种权限的用户才能访问
        filterMap.put("/user/add","perms[user:add]");
        filterMap.put("/user/update","perms[user:update]");

        filterMap.put("/user/*","authc");
        bean.setFilterChainDefinitionMap(filterMap);
        //设置登录的跳转地址url
        bean.setLoginUrl("/tologin");

        bean.setUnauthorizedUrl("/noperms");



        return bean;
    }



//    DefaultWebSecurityManager
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(){

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联UserRealm

        securityManager.setRealm(userRealm);
        return securityManager;
    }


    //1、创建realm对象，需要自定义一个类
//    因为DefaultWebSecurityManager需要使用这个类
    @Bean
    public UserRealm userRealm(){
        return new UserRealm();
    }
    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();
    }
}
